Date: Tue, 9 Jan 2001 09:46:50 +0200 From: Marc Silver <marcs@draenor.org> To: cjclark@alum.mit.edu Cc: freebsd-security@FreeBSD.ORG Subject: Re: What do these mean? Message-ID: <20010109094650.C94766@draenor.org> In-Reply-To: <20010108234245.J95729@rfx-64-6-211-149.users.reflexco>; from cjclark@reflexnet.net on Mon, Jan 08, 2001 at 11:42:46PM -0800 References: <20010109084540.Y94766@draenor.org> <20010108234245.J95729@rfx-64-6-211-149.users.reflexco>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi there, Sorry then but quick question... why doesn't it simply remove those that have expired from the list?? Cheers, Marc On Mon, Jan 08, 2001 at 11:42:46PM -0800, Crist J. Clark wrote: > On Tue, Jan 09, 2001 at 08:45:40AM +0200, Marc Silver wrote: > > Hi there, > > > > I wonder if someone could please explain the following to me: > > > > 00600 18 2253 (T 0, # 24) ty 0 tcp, x.x.x.x 3812 <-> 213.165.64.100 25 > > 00600 25 6583 (T 0, # 33) ty 0 tcp, x.x.x.x 3809 <-> 204.216.28.88 25 > > 00600 1349 912199 (T 0, # 61) ty 0 tcp, x.x.x.x 3805 <-> 193.233.48.66 15651 > > 00600 24 4399 (T 0, # 101) ty 0 tcp, x.x.x.x 3819 <-> 196.2.146.4 6667 > > 00500 44 13717 (T 0, # 117) ty 0 tcp, 196.14.168.230 1028 <-> x.x.x.x 22 > > 00600 46 5247 (T 0, # 158) ty 0 tcp, x.x.x.x 3813 <-> 196.7.70.227 25 > > 00600 7 1744 (T 0, # 186) ty 0 tcp, x.x.x.x 3804 <-> 193.233.48.66 47013 > > 00600 1 40 (T 0, # 240) ty 0 tcp, x.x.x.x 3811 <-> 196.7.70.227 113 > > 00500 13708 1276593 (T 300, # 244) ty 0 tcp, 196.14.168.229 2950 <-> x.x.x.x 22 > > ^^^^^ ^^^^^^^^^^^^^^^^^^^^^^ > > I simply dont understand what these mean. I'm guessing that > > they're counters, but I'm not 100% certain. Could someone please > > explain to me what they are. I'd really appreciate it, as it > > seems that some of these stateful rules simply never close even > > though there is no traffic going through them (or at least, there > > really shouldn't be 45 minutes after a mail has been sent etc). > > > > Please email me back as I'm not subscribed to this list. > > > 00500 13708 1276593 (T 300, # 244) ty 0 tcp, 196.14.168.229 2950 <-> x.x.x.x 22 > ^^^^^ ^^^^^^^ ^^^ ^^^ > packets bytes seconds number > > The seconds are how long the rule has until it times out. It looks > like you have an active SSH going on. All of the other rules are > expired. > -- > Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010109094650.C94766>